Secret type

A – Owner Secret. This Secret has read-write permissions. It is generated by the Librevault client.

C – Read-only Secret. Can be derived from “A”-type Secret.

D – Download-only Secret. It can only exchange and store encrypted data. It cannot decrypt filenames, content or cryptographic metadata. Can be derived from an “A” or “B” type Secret.

Param

Param is a single Base58 character holding a reserved value used by Librevault clients. It is intended as an extension point in the Secret. It may affect how the Payload is processed and may have various meanings:

1 – no special meaning

2–z – invalid value

Checksum

Checksum is a check character, computed with the Luhn mod 58 algorithm using Base58 as the code-point mapping. It is computed from the Base58-encoded Payload.
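The check-character computation and the Param and type checks above, as an added example (not Librevault's own code). It assumes the Bitcoin Base58 alphabet and the field order type, Param, Checksum, Payload, neither of which is stated on this page; `parse_secret`, `make_secret` and the sample payload are hypothetical names and values.

```python
# Added example: Luhn mod 58 check character over a Base58-encoded Payload.
# Assumptions (not stated on the page): the Bitcoin Base58 alphabet, and the
# field order <type><param><checksum><payload> used by parse_secret().
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
N = len(B58)  # 58 code points
SECRET_TYPES = {"A", "C", "D"}


def luhn58_check_char(payload: str) -> str:
    """Return the Luhn mod 58 check character for a Base58 payload string."""
    total, factor = 0, 2  # the rightmost payload character is doubled
    for ch in reversed(payload):
        code = B58.index(ch)  # raises ValueError on a non-Base58 character
        addend = factor * code
        total += addend // N + addend % N  # sum the two base-58 "digits"
        factor = 1 if factor == 2 else 2
    return B58[(N - total % N) % N]


def parse_secret(secret: str) -> dict:
    """Split a Secret into its fields and reject malformed input."""
    if len(secret) < 4:
        raise ValueError("secret too short")
    stype, param, check, payload = secret[0], secret[1], secret[2], secret[3:]
    if stype not in SECRET_TYPES:
        raise ValueError("unknown secret type")
    if param != "1":  # 2-z are invalid values per the Param list
        raise ValueError("invalid param")
    try:
        expected = luhn58_check_char(payload)
    except ValueError:
        raise ValueError("payload is not Base58") from None
    if check != expected:
        raise ValueError("checksum mismatch")
    return {"type": stype, "param": param, "payload": payload}


def make_secret(stype: str, payload: str, param: str = "1") -> str:
    """Assemble a Secret string from its parts (assumed field order)."""
    return stype + param + luhn58_check_char(payload) + payload


# Constructed sample payload (not a real key).
SAMPLE_PAYLOAD = "2NEpo7TZRRrLZSi2U"
SAMPLE_SECRET = make_secret("D", SAMPLE_PAYLOAD)
```

The check character catches transcription errors such as a single mistyped character; it is not a cryptographic integrity check and gives no protection against deliberate modification.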

Payload

Payload is the most complicated part. It is Base58-encoded and depends on the Secret type and Param.
The Base58-decoded payload (binary payload) contains:

Secret type A – Private key.

Secret type C – Public key with Hash of the private key concatenated to it.

Secret type D – Public key.

Public key crypto: ECC with the secp256r1 curve for now, but we should consider switching to ed25519 instead (and using Param to distinguish between them). EC public keys are in compressed point form.

Folder identifier

Clients use a special unique binary value to find each other over the network without leaking the key. It is computed as a hash of the public key (as in the decoded Payload). The hash algorithm must be the same as the algorithm used by the Secret.
Folder identifier has no defined readable encoding and it is meant to be public and safe for publishing to trackers, the local network and the DHT.